Autor: W B Hacker Data: A: exim-users Assumpte: Re: [exim] STARTTLS before EHLO?
Marc Sherman wrote: > W B Hacker wrote:
>
>>It does do so.
>>
>>That is the 'legacy' ssl mode AKA 'tls_on_connect'
>
>
> Bill, please be more careful about answering questions with incorrect
> information. tls_on_connect does not involve sending the STARTTLS
> command _at_all_. The connection is SSL-encrypted from the moment it's
> opened.
>
I know that. I said that. We rely on that.
>
>>tls_on_connect_ports = 465 : 587
>
>
> This has come up before; if you're going to recommend to random list
> posters that they configure 587 for tls_on_connect, please warn them
> explicitly that your configuration is very non-standard.
>
> - Marc
>
>
'Legacy', perhaps, but not 'non-standard' w/r our use of those
two ports.
465 is covered in RFC 825, 2825. 587 under RFC 3207.
Take note:
"... the submission port is by definition not a publicly
referenced SMTP server...." (RFC 3207 & port 587)